On 2010-01-22 03:54, Brian Haberman wrote:
> On 1/19/10 9:51 PM, Brian E Carpenter wrote:
>> On 2010-01-20 15:22, Ranjith ......knowing peking wrote:
>>> Most of the current implementations of ULA does not support automatic
>>> generation of the global IDs corresponding to the ULAs. Users have to
>>> generate the global id by using some external software (using the interface
>>> id and current NTP time on the router). The User will have to do a lot to
>>> generate and configure an ULA address, which he may tend to avoid.
>> It seems to me trivial for a CPE router to do this (after a factory reset,
>> for example). We just need to specify it as a requirement.
>>
>>> Besides this, Once a global id is generated, filters should be added at the
>>> site boundaries.
>>> As Site is ambiguous, i feel manual configuration is required for supporting
>>> ULA based network.
>> The filter is on the WAN side. That also seems trivial to automate, since the
>> CPE knows where its WAN interface is.
>
> As long as the filter is for *all* ULAs. That way, if there are
> multiple ULA prefixes in use on a network with multiple CPEs, you won't
> have leakage of ULAs not generated on that specific CPE.
Correct, which is exactly what RFC4193 section 4.3 says:
Site border routers and firewalls should be configured to not forward
any packets with Local IPv6 source or destination addresses outside
of the site, unless they have been explicitly configured with routing
information about specific /48 or longer Local IPv6 prefixes.
Brian C
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
